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AMENDMENTS TO THE SPECIFICATION 

Beginning on page 3 and ending on page 4, please replace the last full paragraph with the 
following amended paragraph: 

An SSL session may include multiple secure connections; in addition, parties may have 
multiple simultaneous sessions. The session state includes the following elements: a session 
identifier (an arbitrary byte sequence chosen by the server to identify an active or returnable 
session state); a peer certificate (an X509.v3[X509] certificate of the peer); a compression 
method; a cipher spec (the bulk data encryption algorithm (such as null, DES, etc,) and a MAC 
algorithm (such as MD5 or SHA)); a master secret (a 48-byte secret shared between the client 
and server); an "is resumable" flag (indicating whether the session can be used to initiate new 
connections). The connection state includes the following elements: server and client random 
byte sequences that are chosen by the server and client for each connection; server write MAC 
secret used in MAC operations on data written by the server; client write MAC secret used in 
MAC operations on data written by the client; a server write key; a client write key; initialization 
vectors maintained for each key and initialized by the SSL handshake protocol; and sequence 
numbers maintained by eachaeh party for transmitted and received messages for each connection. 
When a party sends or receives a change cipher spec message, the appropriate sequence number 
is set to zero. 

On page 4, please replace the first full paragraph with the following amended paragraph: 
When a number of Web clients axe connecting to a particular Web site having a number 
of servers, each server will be required to handle a number of clients in the secure transaction 
environment. As a result, the processing overhead that is required by each server to perform to 
the secure sockets layer encryption and decryption is very high. If this were the only solution to 
providing secure communications protocols between the client and server, each transactional 
Web site would be required to provide aan large number of servers to handle to the expected 
traffic. 
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Beginning on page 10 and ending on page 1 1, please replace the last paragraph with the 
following amended paragraph: 

It should be recognized that the system of the present invention may include a hardware 
device which may comprise a server add-in card, a network coupled device specifically 
constructed to perform the functions described herein, or a network coupled device having the 
capability of providing a plurality of functions, such as, for example, routing functions on 
network communications. In one embodiment, a dedicated device coupled to a network and 
suitable for performing the operations described herein will include network interface hardware, 
random access memory and a microprocessor. In an alternative embodiment, a hardware device 
may include a plurality of processors each with a dedicated memory or sharing a common 
memory, with one or more of the processors dedicated to one or more specific tasks, such as 
performing the SSL encryption and decryption needed to implement the present invention. One 
such device which is optimal for performing the method of the present invention is described in 
U.S. Patent Number 6,839.808 oo pend i ng patent application serial no: fNEX&E- 
01020USO entitled MULTI PROCESSOB r SYSTEM, inventors , filed July 6, 2001 . 

On page 1 1, please replace the first full paragraph with the following amended paragraph: 
Figure 4 illustrates the typical TCP/IP handshake sequence. The "threeway handshake" 
is the procedure used to establish a TCP/IP connection. This procedure normally is initiated by 
one TCP device (in Figure 3, the client) and responded to by another TCP device (in Figure 3, 
the server). The procedure also works if two TCP simultaneously initiate the procedure. 
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